From d35a698b3545b3bd4abc157c5f617916111fc4bc Mon Sep 17 00:00:00 2001
From: Kurt Schwehr
Date: Fri, 15 Jun 2018 12:33:10 -0700
Subject: Do not scan past the end of the read data in pj_ctx_fgets use-of-uninitialized-value third_party/proj4/proj/src/pj_fileapi.c:pj_ctx_fgets Found with autofuzz msan
---
 src/pj_fileapi.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/pj_fileapi.c b/src/pj_fileapi.c
index d8a447d6..eba96afd 100644
--- a/src/pj_fileapi.c
+++ b/src/pj_fileapi.c
@@ -188,6 +188,7 @@ char *pj_ctx_fgets(projCtx ctx, char *line, int size, PAFile file)
 long start = pj_ctx_ftell(ctx, file);
 size_t bytes_read;
 int i;
+ int max_size;
 line[size-1] = '\0';
 bytes_read = pj_ctx_fread(ctx, line, 1, size-1, file);
@@ -198,7 +199,8 @@ char *pj_ctx_fgets(projCtx ctx, char *line, int size, PAFile file)
 line[bytes_read] = '\0';
 }
- for( i = 0; i < size-2; i++)
+ max_size = (int)MIN(bytes_read, (size_t)(size > 2 ? size - 2 : 0));
+ for( i = 0; i < max_size; i++)
 {
 if (line[i] == '\n')
 {
-- cgit v1.2.3
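Review bot: The new `max_size` bound tolerates `size <= 2`, but the context lines of the first hunk still run `line[size-1] = '\0';` and pass `size-1` to `pj_ctx_fread` before any check on `size`. A caller passing a `size` of 0 or less would write before the start of `line` and hand the read a negative count, which presumably converts to a very large `size_t`. If such callers are possible, an early guard such as `if (size < 1) return NULL;` ahead of those two statements would close that, and the ternary in the `max_size` line could then be simplified. `MIN` is not defined in any visible line, so it is worth confirming the file already has it in scope. The body of pj_ctx_fgets continues outside both hunks.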